def create_vip(vip_name=None, l3_uuid=None): if not vip_name: vip_name = 'test vip' if not l3_uuid: l3_name = os.environ.get('l3PublicNetworkName') l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid vip_creation_option = test_util.VipOption() vip_creation_option.set_name(vip_name) vip_creation_option.set_l3_uuid(l3_uuid) vip = zstack_vip_header.ZstackTestVip() vip.set_creation_option(vip_creation_option) vip.create() return vip
def test(): ''' Since VR ip address is assigned by zstack, so we need to use VR to test PF rules' connectibility. PF test needs at least 3 VR existence. The PF VM's VR is for set PF rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there are needed another 2 VR VMs. 1st VR public IP address will be set as allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR VM should not be able to access PF_VM. In this test, will also add SG rules to check the coexistence between PF and SG. SG rule will be added onto PF_VM's internal IP. ''' pf_vm = test_stub.create_vr_vm('migrate_pf_sg_vm1', 'imageName_net', 'l3VlanNetwork2') test_obj_dict.add_vm(pf_vm) l3_name = os.environ.get('l3VlanNetworkName1') vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid) temp_vm1 = None if not vrs: #create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding temp_vm1 = test_stub.create_vr_vm('migrate_temp_vm1', 'imageName_net', 'l3VlanNetworkName1') test_obj_dict.add_vm(temp_vm1) vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0] else: vr1 = vrs[0] l3_name = os.environ.get('l3VlanNetwork3') vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid) temp_vm2 = None if not vrs: #create temp_vm2 for getting novlan's vr for test pf_vm portforwarding temp_vm2 = test_stub.create_vr_vm('migrate_temp_vm2', 'imageName_net', 'l3VlanNetwork3') test_obj_dict.add_vm(temp_vm2) vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0] else: vr2 = vrs[0] vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1) vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2) pf_vm.check() vm_nic = pf_vm.vm.vmNics[0] vm_nic_uuid = vm_nic.uuid pri_l3_uuid = vm_nic.l3NetworkUuid vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0] vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr) l3_uuid = vr_pub_nic.l3NetworkUuid vip_option = test_util.VipOption() vip_option.set_l3_uuid(l3_uuid) vip_uuid = net_ops.create_vip(vip_option).uuid pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid) test_pf = zstack_pf_header.ZstackTestPortForwarding() test_pf.set_creation_option(pf_creation_opt) test_pf.create(pf_vm) pf_vm.check() #Ignore this check, since it has been checked many times in other PF cases. #test_pf.check() sg1 = test_stub.create_sg() test_obj_dict.add_sg(sg1.security_group.uuid) sg_vm = zstack_sg_vm_header.ZstackTestSgVm() sg_vm.check() vm_nics = (vm_nic_uuid, pf_vm) rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip) rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip) sg1.add_rule([rule1]) test_util.test_dsc("Add nic to security group 1.") test_util.test_dsc("PF rule is allowed, since VR1's IP is granted by SG Rule1.") sg_vm.attach(sg1, [vm_nics]) test_pf.check() test_stub.migrate_vm_to_random_host(pf_vm) test_util.test_dsc("Remove rule1 from security group 1.") test_util.test_dsc("PF rule is still allowed") sg1.delete_rule([rule1]) test_pf.check() test_util.test_dsc("Add rule2") test_util.test_dsc("PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. ") sg1.add_rule([rule2]) test_pf.check() test_util.test_dsc("Delete SG") sg_vm.delete_sg(sg1) test_util.test_dsc("PF rule is allowed") test_pf.check() if temp_vm1: temp_vm1.destroy() test_obj_dict.rm_vm(temp_vm1) if temp_vm2: temp_vm2.destroy() test_obj_dict.rm_vm(temp_vm2) test_pf.delete() pf_vm.destroy() test_obj_dict.rm_vm(pf_vm) net_ops.delete_vip(vip_uuid) test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test(): global session_uuid global session_to global session_mc thread_threshold = os.environ.get('ZSTACK_THREAD_THRESHOLD') if not thread_threshold: thread_threshold = 1000 else: thread_threshold = int(thread_threshold) vip_num = os.environ.get('ZSTACK_TEST_NUM') if not vip_num: vip_num = 0 else: vip_num = int(vip_num) #change account session timeout. session_to = con_ops.change_global_config('identity', 'session.timeout', '720000', session_uuid) session_mc = con_ops.change_global_config('identity', 'session.maxConcurrent', '10000', session_uuid) session_uuid = acc_ops.login_as_admin() test_util.test_logger('ZSTACK_THREAD_THRESHOLD is %d' % thread_threshold) test_util.test_logger('ZSTACK_TEST_NUM is %d' % vip_num) org_num = vip_num vip_option = test_util.VipOption() l3_name = os.environ.get('l3PublicNetworkName') conditions = res_ops.gen_query_conditions('name', '=', l3_name) l3_uuid = res_ops.query_resource_with_num(res_ops.L3_NETWORK, conditions, \ session_uuid, start = 0, limit = 1)[0].uuid random_name = random.random() vip_name = 'perf_vip_%s' % str(random_name) vip_option.set_name(vip_name) vip_option.set_session_uuid(session_uuid) vip_option.set_l3_uuid(l3_uuid) vm_num = 0 while vip_num > 0: check_thread_exception() vip_num -= 1 vip_option.set_description(org_num - vip_num) if vm_num > (thread_threshold - 1): vm_num = 0 thread = threading.Thread(target=create_vip, args=(vip_option, )) vm_num += 1 while threading.active_count() > thread_threshold: time.sleep(1) thread.start() while threading.active_count() > 1: time.sleep(0.01) cond = res_ops.gen_query_conditions('name', '=', vip_name) vips_num = res_ops.query_resource_count(res_ops.VIP, cond, session_uuid) con_ops.change_global_config('identity', 'session.timeout', session_to, session_uuid) con_ops.change_global_config('identity', 'session.maxConcurrent', session_mc, session_uuid) acc_ops.logout(session_uuid) if vips_num == org_num: test_util.test_pass('Create %d VIPs Test Success' % org_num) else: test_util.test_fail('Create %d VIPs Test Failed. Only find %d VIPs.' % (org_num, vips_num))
def test(): global session_uuid global session_to global session_mc thread_threshold = os.environ.get('ZSTACK_THREAD_THRESHOLD') if not thread_threshold: thread_threshold = 1000 else: thread_threshold = int(thread_threshold) eip_num = os.environ.get('ZSTACK_TEST_NUM') if not eip_num: eip_num = 0 else: eip_num = int(eip_num) #change account session timeout. session_to = con_ops.change_global_config('identity', 'session.timeout', '720000', session_uuid) session_mc = con_ops.change_global_config('identity', 'session.maxConcurrent', '10000', session_uuid) session_uuid = acc_ops.login_as_admin() test_util.test_logger('ZSTACK_THREAD_THRESHOLD is %d' % thread_threshold) test_util.test_logger('ZSTACK_TEST_NUM is %d' % eip_num) org_num = eip_num vip_option = test_util.VipOption() l3_name = os.environ.get('l3PublicNetworkName') conditions = res_ops.gen_query_conditions('name', '=', l3_name) l3_uuid = res_ops.query_resource_with_num(res_ops.L3_NETWORK, conditions, \ session_uuid, start = 0, limit = 1)[0].uuid cond = res_ops.gen_query_conditions('l3NetworkUuid', '!=', l3_uuid) vm_nic_num = res_ops.query_resource_count(res_ops.VM_NIC, cond, \ session_uuid) if vm_nic_num < eip_num: test_util.test_fail( 'This test needs: %d vm nics for pf attaching and detaching operations. But there are only %d vm nics. Please use this case: test_crt_basic_vm_with_max_threads.py to create required VMs.' % (eip_num, vm_nic_num)) nics = [] start_num = 0 while eip_num > 0: vm_nics = res_ops.query_resource_fields(res_ops.VM_NIC, cond, \ session_uuid, ['uuid'], start_num, thread_threshold) for nic in vm_nics: nics.append(nic.uuid) eip_num -= thread_threshold start_num += thread_threshold eip_num = org_num random_name = random.random() vip_name = 'perf_vip_%s' % str(random_name) vip_option.set_name(vip_name) vip_option.set_session_uuid(session_uuid) vip_option.set_l3_uuid(l3_uuid) vic_num = 0 while eip_num > 0: check_thread_exception() eip_num -= 1 vip_option.set_description(org_num - eip_num) thread = threading.Thread(target=create_eip, args=( vip_option, nics[vic_num], )) vic_num += 1 while threading.active_count() > thread_threshold: time.sleep(1) thread.start() while threading.active_count() > 1: time.sleep(0.01) cond = res_ops.gen_query_conditions('name', '=', 'eip_%s' % vip_name) eips_num = res_ops.query_resource_count(res_ops.EIP, cond, session_uuid) con_ops.change_global_config('identity', 'session.timeout', session_to, session_uuid) con_ops.change_global_config('identity', 'session.maxConcurrent', session_mc, session_uuid) acc_ops.logout(session_uuid) if eips_num == org_num: test_util.test_pass('Create %d EIPs Test Success' % org_num) else: test_util.test_fail('Create %d EIPs Test Failed. Only find %d EIPs.' % (org_num, eips_num))
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernamethree', 'password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id( plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid], project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id( plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project( project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{ "effect": "Allow", "actions": ["org.zstack.header.vm.**"] }] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vm_creation_option = test_util.VmOption() pub_l3_uuid = test_lib.lib_get_l3_by_name( os.environ.get('l3PublicNetworkName')).uuid l3_net_uuid = test_lib.lib_get_l3_by_name( os.environ.get('l3VlanNetworkName3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name( os.environ.get('imageName_net')).uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name( os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid=image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid vip_option = test_util.VipOption() vip_option.set_name("vip for pm") vip_option.set_session_uuid(project_login_uuid) vip_option.set_l3_uuid(pub_l3_uuid) vm_nic = vm.vm.vmNics[0] vm_nic_uuid = vm_nic.uuid vip = net_ops.create_vip(vip_option) eip_option = test_util.EipOption() eip_option.set_name('eip for pm') eip_option.set_session_uuid(project_login_uuid) eip_option.set_vip_uuid(vip.uuid) eip_option.set_vm_nic_uuid(vm_nic_uuid) eip = net_ops.create_eip(eip_option) net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid) net_ops.attach_eip(eip.uuid, vm_nic_uuid, session_uuid=project_login_uuid) net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid) net_ops.delete_eip(eip.uuid) net_ops.delete_vip(vip.uuid) vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')